module.exports = app =>{
    const express = require('express')
    const jwt =  require('jsonwebtoken')
    const AdminUser = require('../../models/AdminUser')
    const assert = require('http-assert')
    //api路由
    const router = express.Router({
        mergeParams: true // 与req合并参数
    })

    //登录校验中间件
    const authMiddleware =  require('../../middleware/auth')()

    //资源判断
    const resourceMiddleware = require('../../middleware/resource')()
    //创建资源
    router.post('/',async (req,res)=>{
      
        const model = await req.Model.create(req.body)
        res.send(model)
    })
    //修改资源
    router.put('/:id',async (req,res)=>{
        const model = await req.Model.findByIdAndUpdate(req.params.id,req.body)
        res.send(model)
    })
    //删除资源
    router.delete('/:id',async (req,res)=>{
        await req.Model.findByIdAndDelete(req.params.id,req.body)
        res.send({
            success:true
        })
    })
    //资源列表
    router.get('/',async (req,res)=>{
        let queryOptions = {}
        if (req.Model.modelName === 'Category') {
            queryOptions.populate = 'parent'
        }
        const items = await req.Model.find().setOptions(queryOptions) //.limit(100)
        res.send(items)
    })
    //资源详情
    router.get('/:id',async (req,res)=>{
        console.log(req.params);
        const model = await req.Model.findById(req.params.id)
        res.send(model)
    })

    app.use('/admin/api/rest/:resource', authMiddleware, resourceMiddleware ,router)


    //图片上传接口
    const multer =  require('multer')
    const upload = multer({dest:__dirname + '/../../uploads'})
    app.post('/admin/api/upload',authMiddleware ,upload.single('file'),async (req,res) => {
        const file =  req.file //req.file 是multer加上去的
        file.url = `http://localhost:3000/uploads/${file.filename}` //设置图片的地址
        res.send(file)
    })

    //登录接口
    app.post('/admin/api/login',async (req ,res)=>{
        const { username,password } = req.body
        // 1.根据用户名找用户

        const user = await AdminUser.findOne({username}).select('+password') 
        assert(user, 422 , '用户不存在')
        // if (!user) {
        //     return res.status(422).send({
        //         message:'用户名不存在'
        //     })
        // }

        // 2.验证用户
       const isVaild =  require('bcrypt').compareSync(password,user.password)
       assert(isVaild, 422 , '密码错误')
    //    if (!isVaild) {
    //        return res.status(422).send({
    //            message:'密码错误'
    //        })
    //    }
        // 3.返回token
       
        const token = jwt.sign({ id:user._id},app.get('secret'))  
        res.send({token})
    })

   // 错误处理函数
    app.use(async (err,req,res,next)=>{
        console.log(err);
        res.status(err.statusCode || 500).send({
            message: err.message
        })
        // await next()
    })
}